GNU/Linux
# nbtscan reikia aptisiųsti komanda [sudo apt-get install nbtscan]
nbtscan 192.168.1.1-254
Doing NBT name scan for addresses from 192.168.1.1-254
IP address NetBIOS Name Server User MAC address
------------------------------------------------------------------------------
192.168.1.68 NPI781027 <unknown> 00:00:00:00:00:00
192.168.1.65 MINI-PC2 <server> <unknown> 00:1c:bf:2d:cc:12
# Nmap komanda randanti OS, kompiuterio pavadinimą, NetBIOS, WorkGroup
nmap --script smb-os-discovery -p 445 192.168.1.1-254
Nmap scan report for 192.168.1.2
Host is up (0.025s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
Host script results:
| smb-os-discovery:
| OS: Windows 7 Ultimate 7601 Service Pack 1 (Windows 7 Ultimate 6.1)
| OS CPE: cpe:/o:microsoft:windows_7::sp1
| NetBIOS computer name: User
| Workgroup: WORKGROUP
|_ System time: 2014-07-04T11:48:10+03:00
# Panašiam rezultatui galima naudoti -sC parametrą
sudo nmap -sC 192.168.1.x
# Parodis detalia kiekvieno kompiuterio informaciją, kokiai darbo grupei priklauso, kartu su serviso tipu
nbtscan -v 192.168.1.1-254
NetBIOS Name Table for Host 192.168.1.65:
Incomplete packet, 173 bytes long.
Name Service Type
----------------------------------------
MINI-PC2 <00> UNIQUE
MINI-PC2 <20> UNIQUE
WORKGROUP <00> GROUP
WORKGROUP <1e> GROUP
Windows
# NetBIOS lentele su id kodais
nbtstat -a [net-bios-name]
# Rodis lokalias NetBIOS lentelę
nbtstat -n [net-bios-name]
# Rodis netbios kompiuterio cache, kur vardas yra susietas su ip adresu
nbtstat -c
# Atnaujina NetBIOS registruotus kompiuterio/ištrina ir pilnai atnaujina lentelę
nbtstat -RR
nbtstat -R
Literatūra:
http://www.hildrum.com/nbtstat.htm - Bazines nbtstat komandos
https://pentestlab.wordpress.com/tag/nbtstat/ - nbtscan GNU/linux platformoms aprašymas
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/AdminTips/Utilities/Nbtstatrevealswhoisloggedon.html - Čia galima rasti NetBIOS reikšmes
